ISO 27001 Consultancy Services

ISO/IEC 27001 is an international information security management system (ISMS) Standard which was first published in October 2005 before being revised and updated in 2013. Along with ISO 27002, ISO 27001 provides organisations with a best practice framework for managing their information security.

Achieving certification, entailing an external assessment of the ISMS by a certification body, provides you with the most effective means of demonstrating your information security commitment and capabilities to clients, internal and external stakeholders.

Challenges of Implementing ISO 27001

One of the key features of ISO 27001 is that it is risk-based. The implementation of controls (technical measures, policies, processes etc.) is not prescriptive, but is determined by an information risk assessment taking into account your risk appetite and the information you are seeking to protect.

The goal with ISO 27001 is achieving an optimum balance, where the mandatory management system requirements of the Standard are being met whilst ensuring that your ISMS is tailored as fully as possible to your organisation’s size, culture and business objectives.

Achieving the Optimum ISMS

Achieving this optimum balance is where URM excels. We are able to ensure that you gain maximum benefit from implementing ISO 27001 by virtue of our experience (300 plus certifications), consultancy expertise (all ex-information security managers with real-world experience and understanding of the challenges you face) and our purpose-designed risk management tool (Abriska®).

Should you be seeking certification to ISO 27001, we provide a 100% guarantee that you will achieve your goal if you select URM as your consultancy partner. Furthermore, our consultancy services come with the assurance that any implemented ISMS will be tailored, appropriate and sustainable.

URM’s ISO 27001 consultancy services are also totally flexible and our consultants can provide guidance and knowledge transfer across the full lifecycle or specific areas such as assisting with risk assessments, policies and procedures, awareness and education, and compliance with legislative and regulatory requirements, including the Data Protection Act and the GDPR.

Support will be tailored to your specific requirements and is often dependent on factors such as the availability of internal expertise, as well as timescales and budgets. URM also has a team of highly skilled and experienced auditors.

In addition, we can provide interim information security managers and interim data protection managers/officers to provide cover for absence or while you recruit a permanent resource, as well as managing a specific project (e.g. implementing a management system or complying with a new regulation), or addressing a turnaround or change requirement.

What people say about us

caret-down caret-up caret-left caret-right

“Without doubt, URM helped us to achieve our planned objectives a lot sooner than expected. The engagement was a huge success and couldn’t have gone any better”

Tony Smollett, Group IT Director, UK Mail

“Without URM, Havas People would not of achieved its certification goals”

Jonathan Malone, Director, Havas People

Want to Learn More?

If you are looking to comply or certify with ISO 27001, we can provide you with a number of free sources of practical advice, URM holds regular ISO 27001 implementation seminars and webinars which provide real-world insights on pitfalls to avoid and hints and top tips for ensuring a successful outcome.

The contents of these seminars is based on the cumulative experiences of URM implementing hundreds of ISMS’ over the last 20 years and the focus is on ‘how to’ certify.

In addition to attending free ISO 27001 seminars and webinars, you can also take advantage of URM’s free ISO 27001 health checks. The half-day health checks are aimed at organisations looking to certify to ISO 27001 and are seeking to benchmark what they currently have in place against the requirements of the Standard.

Following the health check, which is delivered by our senior consultants, you will receive a high-level report and graph indicating the maturity of the key components of your ISMS. The health check provides you with a perfect way of understanding your current compliance status, where your development priorities lie and the likely timescales and resources you will require in order to achieve certification.

Other valuable sources of free information from URM include our blogs and top tips where we focus on a specific issue or requirement of ISO 27001 and provide our practical perspective on how this requirement can be most effectively satisfied.

We have helped more than 300 organisations, let us help you

More about ISO 27001 and 27002

Consultancy Services

Information Security Training

About URM

Follow us on